Описание
Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported desktop environment is identified, allows context-dependent attackers to execute arbitrary code via the URL argument to xdg-open.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1.1.0~rc1-2ubuntu8 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [1.1.0~rc1-2ubuntu7.1]] |
| lucid | ignored | end of life |
| precise | not-affected | 1.1.0~rc1-2ubuntu6 |
| trusty | not-affected | 1.1.0~rc1-2ubuntu7.1 |
| trusty/esm | DNE | trusty was not-affected [1.1.0~rc1-2ubuntu7.1] |
| upstream | released | 1.1.0~rc1+git20111210-7.3 |
| utopic | not-affected | 1.1.0~rc1-2ubuntu8 |
Показывать по
Ссылки на источники
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported desktop environment is identified, allows context-dependent attackers to execute arbitrary code via the URL argument to xdg-open.
Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported desktop environment is identified, allows context-dependent attackers to execute arbitrary code via the URL argument to xdg-open.
Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported ...
Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported desktop environment is identified, allows context-dependent attackers to execute arbitrary code via the URL argument to xdg-open.
EPSS
6.8 Medium
CVSS2